Integrate Lucidchart

1.      Log in to Lucidchart. The Team Spaces page appears.

2.      Click Admin in the menu pane. The Admin page appears.

3.      Click App integration > General. The App integrations page appears.

4.      Click SAML Settings. The Activation page appears.

5.      Scroll to click Download metadata.

6.      Save the metadata file.

7.      Leave this page open to return to in Step 5: Configure Lucidchart for Identity as a Service authentication.

Add Lucidchart as an application to Identity as a Service

1.      Log into your Identity as a Service administrator account.

2.      Click > Security > Applications. The Applications Lists page appears.

3.      Click Add. The Select an Application Template page appears.

4.      Do one of the following:

●       Select SAML Cloud Integrations from the search drop-down list and scroll to find the application you want to add to IDaaS.

- or -

●       In the Search bar, enter a search option to filter for the application you want to add to IDaaS.

5.      Click Lucidchart. The Add Lucidchart page appears.

6.      Enter an Application Name.

7.      Enter an Application Description.

8.      Optional. Add a custom application logo.

a.      Click next to Application Logo. The Upload Logo dialog box appears.

b.      Click  to select an image file to upload.

c.      Browse to select your file and click Open. The Upload Logo dialog box reappears showing your selected image.

d.      If required, resize your image.

e.      Click OK.

9.      Select the Authentication Flow that appears to users during login.

10.  Click Next. The General page appears.

11.  Click to the Upload Metadata XML and browse to the location of the metadata file you downloaded in Step 1: Download the metadata from Lucidchart. The Metadata Configuration dialog box appears.

a.      If required, click Merge with existing values to merge new values with existing values for Alternative Assertion Consumer Services URLs and SAML attribute names.

b.      Click Save.

12.  Enter the SAML Session Timeout to the time when the SAML Assertion times out. The maximum is 720 minutes.

13.  Enter the Max Authentication Age (seconds) to set the maximum amount of time that can elapse before a user is required to reauthenticate during a new login attempt. This applies for both SP-initiated and IDP-initiated login. Set this field to -1 to disable this feature.

14.  From the SAML NameID Attribute drop-down list, select User ID.

15.    From the SAML NameID Encoding Format drop-down list, select Unspecified.

16.  Select the SAML Signing Certificate.

17.  Deselect Enable Go Back Button if you do not want users to be able to go back to the Lucidchart login page to log in.

18.  Add an Alternative Assertion Consumer Service URLs, as follows:

a.      Click Add.

b.      Enter lucidchart1 in the Name field.

c.      Enter the following URL in the Value field:

https://lucid.app/smal/sso/<Entrust> where <Entrust> is your app name.

d.      Select Show in My Profile to display the Alternative Consumer Service URL in a user's My profile page.

e.      Optional. Add an Application Logo.

f.        Click Add.

19.  Select Show Default Assertion Consumer URL Service in the My Profile. When selected, the Default Assertion Consumer URL appears in a user's My Profile page in addition to relay states and Alternative Assertion Consumer URLs.

20.  Add SAML Attributes as follows:

a.      Under SAML Attributes, click Add. The SAML Attributes dialog box appears.

b.       In the Name field enter First Name.

c.      Click Add next to Value(s).

d.       In the Values field, type < and select First Name.

e.      Click Add.

f.        Repeat this procedure to add the following additional user attributes:

–   Last Name

–  Email

21.  Leave the remaining settings at the default values.

22.  Click Submit.

1.      Return to the Lucidchart SAML Activation page you left open in Step 1: Download the metadata from Lucidchart.

2.      In the Domain field enter the domain name for SSO, for example Entrust.

3.      Click Add identity provider and browse to select the metadata file that you downloaded in Step 4: Download the metadata file from Identity as a Service.

4.      Select the metadata file you downloaded in Step 4: Download the metadata file from Identity as a Service.

5.      Click Save changes.

6.      Click Test SAML connection. You should be redirect to the IDaaS log in page.

Test Service Provider login

1.      Open a web browser and enter the URL of Lucidchart.

2.      Click Single sign-on. You are re-directed to Identity as a Service.

3.      Log in to IDaaS.

4.      Respond the second-factor authentication challenge. If you respond successfully, you are logged into Lucidchart.

Test Identity as a Service redirect log in

1.      Log in to your Identity as a Service account.

2.      Go to your My Profile page if you are not already there.

3.      Under Applications, click Lucidchart.

4.      Respond to the second factor authentication challenge. If you respond successfully, you are logged in to Lucidchart.